<?php
include("../include/db.php");

$_SESSION['rpage'] = $_SERVER['REQUEST_URI']; 
if(!isset($_SESSION[$prefix."_username"])){header("location:../login/");exit;}
if ($_SESSION[$prefix."_security"] < 10){header("location:../login/?error=2"); exit;}

$year = date("Y");
$action = $_GET[action];
?>

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<link rel="stylesheet" type="text/css" href="includes/admin.css"/>
<title><?php echo $global_title;?></title>

</head>
<body>

<div id="wrap">
	<div id="page-header">
		<?php include('includes/header.php');?>

	</div>
	
	<div id="page-body">
		<div id="tabs">
			<?php $tab="main"; include('includes/header_tabs.php');?>
		</div>

		<div id="acp">
		<div class="panel">
			<span class="corners-top"><span></span></span>
				<div id="content">
				<div id="menu">
						
					<?php include('includes/menu_top.php');?>	
					<?php include('includes/menu_main.php');?>
					</div>
	
					<div id="main">
<a name="maincontent"></a>

<?php if($action != ''){
		echo "<div class='successbox'>";
			if($action == 'added'){echo "<p class='action_message'>Added Film!</p>";}
			if($action == 'updated'){echo "<p class='action_message'>Updated Film!</p>";}
			if($action == 'deleted'){echo "<p class='action_message'>Removed Film!</p>";}
		echo "</div>";
		} ?>

<h1>Manage Films</h1>
	<a href="film_add.php">Add a Film</a>


          <table width="95%" border="0" class="underline">
            <thead> 
             <tr>
                <th>Film</th>
                <th>Info</th>
             </tr>
           </thead>
              <tbody>
              <?php
	$result = mysql_query("SELECT film_id, title, director, year_produced FROM films  WHERE film_id > 0  ORDER BY title_alpha", $db);
      	while ($myrow = mysql_fetch_array($result, MYSQL_ASSOC)) { 
      	if($class == 'row2'){$class = 'row1';}else{$class = 'row2';}
      	?>
      	
      	<tr class="<?php echo $class;?>">
      		<td><a href="film_edit.php?id=<?php echo $myrow["film_id"];?>"><?php echo $myrow["title"];?></a></td>
      		<td><?php echo $myrow["year_produced"]." - ".$myrow[director];?></td>
      	</tr>
            		  
   <?php $nolist = ''; } ?>              

                </tr>
              </tbody>
            </table>

          </form>


    
		</div><!-- main -->
	</div><!-- content -->
<span class="corners-bottom"><span></span></span>
</div><!-- panel -->
</div><!-- acp -->

	
	<div id="page-footer">
	<?php include('includes/footer.php');?>
				</div>
</div><!-- page-body -->
</div><!-- wrap -->

</body> 
</html>